Some Keccak sponge-hash-function pointers:
Random sponge = Random permutation
The sponge construction:
First, the input string is padded with a reversible padding rule and cut into blocks ofbits. Then the bits of the state are initialized to zero and the sponge construction proceeds in two phases:
- In the absorbing phase, the -bit input blocks are XORed into the first bits of the state, interleaved with applications of the function . When all input blocks are processed, the sponge construction switches to the squeezing phase.
- In the squeezing phase, the first bits of the state are returned as output blocks, interleaved with applications of the function . The number of output blocks is chosen at will by the user.
The lastbits of the state are never directly affected by the input blocks and are never output during the squeezing phase.”
“SHA-3 was designed to be very efficient in hardware but is relatively slow in software. SHA-3 takes about double the time compared to SHA-2 to run in software and about a quarter of the time to run in hardware.” This makes it less suitable than SHA-2 for key stretching, at least against an attacker that is hardware equipped.
“The advantage of SHA-3 is that a computationally-simpler
SHA-3(key | data) can suffice as a MAC.”
Differences between SHA-2 and SHA-3 – https://stackoverflow.com/questions/14356526/whats-the-difference-between-the-hash-algorithms-sha-2-and-sha-3
Discussion of git and it’s use of SHA-1 and SHA-2 hashes – https://stackoverflow.com/questions/28159071/why-doesnt-git-use-more-modern-sha/